[VIM] The latest version of iSearch is V2.16 <= (index.php) Remote File Inclusion Exploit
Stuart Moore
smoore at securityglobal.net
Tue Oct 10 23:49:53 EDT 2006
Sorry, I didn't see that str0ke posted this same info to bugtraq already.
Stuart
Stuart Moore wrote:
> At least in "index.php" there is this (preventing user specification of
> isearch_path):
>
> > $isearch_path = dirname(__FILE__);
>
> Didn't check the others.
>
> Stuart
>
>
>
>
>
> > From: xp1o at msn.com
> > Subject: The latest version of iSearch is V2.16 <= (index.php)
> > Remote File Inclusion Exploit
> > Date: 7 Oct 2006 22:14:00 -0000
>
>
More information about the VIM
mailing list